As the world’s leader in digital payments technology, Visa’s mission is to connect the world through the most creative, reliable and secure payment network - enabling individuals, businesses, and economies to thrive. Our advanced global processing network, VisaNet, provides secure and reliable payments around the world, and is capable of handling more than 65,000 transaction messages a second. The company’s dedication to innovation drives the rapid growth of connected commerce on any device, and fuels the dream of a cashless future for everyone, everywhere. As the world moves from analog to digital, Visa is applying our brand, products, people, network and scale to reshape the future of commerce.

At Visa, your individuality fits right in. Working here gives you an opportunity to impact the world, invest in your career growth, and be part of an inclusive and diverse workplace. We are a global team of disruptors, trailblazers, innovators and risk-takers who are helping drive economic growth in even the most remote parts of the world, creatively moving the industry forward, and doing meaningful work that brings financial literacy and digital commerce to millions of unbanked and underserved consumers.

You’re an Individual. We’re the team for you. Together, let’s transform the way

The IAM Cybersecurity team is searching for an attentive, thoughtful, communicative and passionate engineer to join our team and help us evaluate, implement, deploy and support IAM technologies that enable SSO, Authentication & Authorization for our enterprise applications.   

Engineers typically work under the guidance of Subject Matter Expert (SME), architects, lead engineers and managers responsible for a given area; this role will focus equally on Active Directory (AD), Windows platform and Public Cloud platforms (AWS, GCP and Azure).   

Essential Functions 

• Help manage and execute BAU access request tasks with Active Directory and Windows Services and public Cloud in a globally distributed environment  
• Collaborate with other teams within IAM and provide solution and support for AD & Windows Server and Cloud technologies  
• Enhance and improve existing processes through automation and reporting   
• Collaborate effectively with diverse teams, utilizing excellent verbal and written communication skills
• Develop and document procedures and associated training plans for the team to handle operations and access requests  
• Process tickets assigned to team incident and task queue via the ServiceNow system to make sure availability and performance SLAs are met
• Create and maintain system documentation for domain technologies, including installation, configuration, and appropriate troubleshooting steps  
• Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation  
• Utilize SIEM tools (e.g. Splunk, Quest Active Roles) to analyze security event logs, troubleshoot authentication errors, and perform root cause analysis
• Read, develop, and be able to modify existing PowerShell scripts for automating and remotely configuring Active Directory and Windows Server
• Monitor KPIs and provide fulfillment for incident / access request ticketing queues to meet or exceed SLAs.
• Effectively communicate business processes, security policy requirements, and technical details to a wide range of technical and non-technical individuals.
• Analyze and isolate problems and issues while leading incident problem bridges while being available for on-call rotation.
• Administer identity and access management services, tools and feature in public cloud provider environments
• Support internal and external audits request for evidence using current industry tools
• Contribute to secure environment following separation of duties (SoD) and least privilege (LP)

Basic Qualifications 

• Two-three (2-3) years relevant experience as a Cybersecurity Engineer or comparable title with a bachelor's degree in Computer Science or a relevant technical discipline  
• At least two (2) years' experience with knowledge and skills in access management for AD, Windows and Public Cloud platforms
• Have a general understanding of TCP/IP networking, application servers, CIFS file shares, and public cloud infrastructure
• A working knowledge of Windows server operating systems including LDAP, Authentication, Kerberos and DNS  
• Knowledge of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)  

Preferred Qualifications 

• CISSP / CCSP/ MCSE certified professional
• Experience with Quest AD tools (ARS, Change Auditor, and RMAD) as well as ERPM, Hashicorp or other vault technologies for credential/secrets management
• Technical knowledge of IIS, SQL, Hypervisors and Azure, AWS and GCP cloud platforms
• Understand identity and access management processes, best practices and business flows
• Some DevOps experience with understanding of REST APIs
• Visa prefers not to sponsor authorization for employment in the U.S. in connection with this position   

Work Location:

• This job and its incumbent can be worked from Austin (TX) or Highlands Ranch (CO), Ashburn (VA), Bellevue (WA), or Foster City (CA)

Work Hours

• The incumbent must avail themselves during core business hours.
• Requires availability to meet with teams in the Central Europe, Middle East, and African (CEMEA) and Asian Pacific (AP) time zones 2x weekly

Travel Requirements

• This position does not require the incumbent to travel.  

Physical Requirements

• This position will be performed in an office setting.  The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.

Visa is an EEO Employer.  Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.  Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.